package com.wy.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

/**
 * @描述
 * @创建人 wangyue
 * @创建时间2019/12/916:41
 */
@Configuration
@EnableWebSecurity(debug = true)// 使用debug模式，每次请求控制台可以看到详细拦截信息
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private UserDetailsService userDetailsService;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        //设置登录,注销，表单登录不用拦截，其他请求要拦截
        http.formLogin()
                .loginPage("/index") //登录页面
                .loginProcessingUrl("/login") //登录方法
                .successForwardUrl("/hello") //登录成功跳转方法
                .failureUrl("/login?error") //登录失败的方法
                .and()
                .authorizeRequests()
                .antMatchers("/index", "/login", "/error", "/favicon.ico").permitAll() //不需要拦截的方法
                .anyRequest().authenticated() //任何请求,登录后可以访问
                .and()
                .csrf().disable();//关闭默认的csrf认证
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        /**
         * for memorysource内存，写死用户名和密码
         * 设置内存指定的登录账号和密码以及指定的角色
         * 使用auth.inMemoryAuthentication().withUser("admin").password("123456").roles("ADMIN");
         * 会产生报错，因为没有指定为明文匹配（没有添加.passwordEncoder）
         * 如果要指定为明文匹配，需要添加.passwordEncoder，如下
         */
        /*auth.userDetailsService(new InMemoryUserDetailsManager(
                User.builder().username("jsbintask1").password("{noop}123456").authorities("jsbintask1").build(),
                User.builder().username("jsbintask2").password("{noop}123456").authorities("jsbintask2").build()
        ));*/

        /*  for dbsource*/
        auth.userDetailsService(userDetailsService);
        super.configure(auth);
    }

    @Bean //密码加密
    public BCryptPasswordEncoder bCryptPasswordEncoder() {
        return new BCryptPasswordEncoder();
    }


    @Override
    public void configure(WebSecurity web) throws Exception {
        //设置静态资源不要拦截
        web.ignoring().antMatchers("/js/**","/cs/**","/images/**");
    }
    public static void main(String[] args) {
        BCryptPasswordEncoder bCryptPasswordEncoder = new BCryptPasswordEncoder();
        System.out.println(bCryptPasswordEncoder.encode("123456"));
    }
}
